package com.minglead.springboot.platform.sys.security;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;

import com.minglead.springboot.common.security.Digests;

/**
 * 自定义密码加密
 * @author clz
 * @date 2017-6-8
 */
public class CustomCredentialsMatcher extends SimpleCredentialsMatcher{
	 @Override  
     public boolean doCredentialsMatch(AuthenticationToken authcToken, AuthenticationInfo info) {  
         UsernamePasswordToken token = (UsernamePasswordToken) authcToken;  
         Object accountCredentials = getCredentials(info);
         Object tokenCredentials = encrypt(String.valueOf(token.getPassword()));  
         
         //以下是业务相关,为了适应单点登录系统而改造的,他直接传递密文过来
         if(accountCredentials.toString().equals(new String(token.getPassword())))
        	 return true;
         
         
         //将密码加密与系统加密后的密码校验，内容一致就返回true,不一致就返回false  
         return equals(tokenCredentials, accountCredentials);
     }  

     /**
      * 将传进来密码加密方法  
      * @param data
      * @return
      */
     private String encrypt(String data) {  
         String md5 = Digests.getMd5(data);//md5简单加密
         return md5;  
     }  
}
